Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: su permission
Top Forums UNIX for Dummies Questions & Answers su permission Post 22772 by Kelam_Magnus on Monday 10th of June 2002 03:20:02 PM
Old 06-10-2002
Dear adme,

There are several Security software packages that will monitor unauthorized access to root user which will give email to root.

Also, I don't know what OS version you are using, but in HPUX, there is a config file that allows/restricts su rights, called scfmgr.

However, it is proprietary to HPUX only. Many versions of UNIX don't regulate the su command other than changing the permissions.

Just turing off su to all except root is sometimes impossible to do because some applications, ie Oracle, NetBackup, need su ability to get to root to execute some commands as root.


You will just have to protect the root password closely.
Smilie
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

permission help

Ok heres the situation I've been studying Solaris 8 for about 6 months now and some things click in my head but others don't. One of the things that don't click are file permissions. For example I login at work and I use the ls -l command to get a long listing of the files w/ the permissions.... (2 Replies)
Discussion started by: eloquent99
2 Replies

2. UNIX for Dummies Questions & Answers

permission

Is it possible to set owner to a group? I need to have a group own a process, because there will be 3 diffrent persons that will start and stop this process. They can not use the same users cause och back logging. we need to know who end when a certian user start/stops processes. (1 Reply)
Discussion started by: dozy
1 Replies

3. UNIX for Dummies Questions & Answers

Permission?

What does the following permission indicate? -rwSr----- 1 oracle dba 1536 Nov 7 17:05 orapwRTMDB Thanks, Rahul. (1 Reply)
Discussion started by: rahulrathod
1 Replies

4. UNIX for Dummies Questions & Answers

File Permission

Hi, When I listed one directory in Sun, it showed that : -rwsr-xr-x 1 root bsmbin 78004 Oct 21 2004 bsmprsm I don't know meaning of the character "s" in "rws" above. I have searched in Sun admin documents but no result. Would you please explain it ? :) Thank you so much. (1 Reply)
Discussion started by: msg098
1 Replies

5. UNIX for Dummies Questions & Answers

User permission

Hi all, I created testuser. by following command. /usr/sbin/adduser -n test -d /disk05/collections/GET/testdata/ and then set its password by following command. passwd testuser When I login to system by testuser, it enters everything is ok. The problem is how to set permission to this... (3 Replies)
Discussion started by: mr_bold
3 Replies

6. Ubuntu

Permission (I Think)

Pictures by worthamtx - Photobucket The URL is graphic view my present concern. Old partition working great sdb1 both appear on nautilus, both deliver icons to desk top. Based on the label handling of gparted results I tried following with success sudo mkdir /media/disk/data sudo chown... (1 Reply)
Discussion started by: 77yrold
1 Replies

7. UNIX for Dummies Questions & Answers

Permission

Hello Whenever we want to oen any type of file by name, we must have execute perm. in each dir. mentioned in the name. I changed the dir permission using chmod to test the validity of this statement. but i still can open the file ------- any guides would be appreciable (2 Replies)
Discussion started by: dr_mabuse
2 Replies

8. UNIX for Dummies Questions & Answers

really need help with permission changes

I dont understand why permission changes are being such a pain in the bum even after I manually changed them through properties....Anyone know what to do here because even thoguh in properties the permissions make me local admin over in the Cygwin its not working.. ... (5 Replies)
Discussion started by: okhawaja
5 Replies

9. Linux

Permission denied

I am using korn shell When I type in Telnet on cmd line, I get message "cannot execute" How can I get permission to execute command ? In which dir is telnet located ? I looked in /usr/bin dir. but its not there Thanks (1 Reply)
Discussion started by: paramshamnani
1 Replies

10. Ubuntu

Permission denied

Trying to get date into the txt file. It says Permission denied. echo $(date +%I:%M:%S_%D) >> /tmp/systemd_suspend_test_err.txt exec 2>> /tmp/systemd_suspend_test_err.txt if ; then # Do the thing you want before suspend here echo "we are suspending $(date +%I:%M:%S_%D)." elif ;... (5 Replies)
Discussion started by: drew77
5 Replies

LEARN ABOUT DEBIAN

sulogin

SULOGIN(8)						Linux System Administrator's Manual						SULOGIN(8)

NAME

       sulogin - Single-user login

SYNOPSIS

       sulogin [ -e ] [ -p ] [ -t SECONDS ] [ TTY ]

DESCRIPTION

       sulogin	is invoked by init(8) when the system goes into single user mode.  (This is done through an entry in inittab(5).)  Init also tries
       to execute sulogin when the boot loader (e.g., grub(8)) passes it the -b option.

       The user is prompted

	    Give root password for system maintenance
	    (or type Control-D for normal startup):

       If the root account is locked, no password prompt is displayed and sulogin behaves as if the correct password were entered.

       sulogin will be connected to the current terminal, or to the optional device that can be specified on the command line (typically /dev/con-
       sole).

       If the -t option is used then the program only waits the given number of seconds for user input.

       If  the	-p  option  is	used  then  the single-user shell is invoked with a dash as the first character in argv[0].  This causes the shell
       process to behave as a login shell.  The default is not to do this, so that the shell will  not	read  /etc/profile  or	$HOME/.profile	at
       startup.

       After the user exits the single-user shell, or presses control-D at the prompt, the system will (continue to) boot to the default runlevel.

ENVIRONMENT VARIABLES

       sulogin	looks for the environment variable SUSHELL or sushell to determine what shell to start. If the environment variable is not set, it
       will try to execute root's shell from /etc/passwd. If that fails it will fall back to /bin/sh.

       This is very valuable together with the -b option to init. To boot the system into single user mode, with  the  root  file  system  mounted
       read/write, using a special "fail safe" shell that is statically linked (this example is valid for the LILO bootprompt)

       boot: linux -b rw sushell=/sbin/sash

FALLBACK METHODS

       sulogin	checks the root password using the standard method (getpwnam) first.  Then, if the -e option was specified, sulogin examines these
       files directly to find the root password:

       /etc/passwd,
       /etc/shadow (if present)

       If they are damaged or nonexistent, sulogin will start a root shell without asking for a password. Only use the -e option if you  are  sure
       the console is physically protected against unauthorized access.

AUTHOR

       Miquel van Smoorenburg <miquels@cistron.nl>

SEE ALSO

       init(8), inittab(5).

								    17 Jan 2006 							SULOGIN(8)
All times are GMT -4. The time now is 05:55 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy